Monthly Archives: September 2011

TRICARE, the U.S. military health program, has reported a massive breach affecting protected health information for 4.9 million patients in 10 states treated in San Antonio military facilities between 1992 and Sept. 7, 2011.

Microsoft used the same technique that worked in its earlier takedowns of the Rustock and Waledac botnets, asking a U.S. court to order Verisign to shut down 21 Internet domains associated with the command-and-control servers that form the brains of the Kelihos botnet.

The PCI SSC stated that while Visa is not requiring merchants to file a ROC or AOC, the merchant still has to ensure that it is PCI DSS compliant. This means that the merchant still must go through the PCI compliance assessment process of a ROC or respective SAQ to ensure that their controls are functioning properly.

The Federal Trade Commission announced yesterday that it is seeking public comment on proposed changes to the Children’s Online Privacy Act, which would strengthen the law’s ability to protect children under the age of 13.

Amazon Web Services LLC (AWS), an Amazon.com company (NASDAQ: AMZN), today announced it has received Federal Information Security Management Act (FISMA) Moderate Authorization and Accreditation from the U.S. General Services Administration.

The PCI Security Standards Council today is expected to issue guidelines on use of point-to-point encryption in protecting sensitive payment card data, but the narrow approach — which is focused on hardware — is raising questions.